MyX509TrustManager() throws java.security.GeneralSecurityException {
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
KeyStore ks = KeyStore.getInstance("JKS");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
try {
ks.load(null, null);
File cacert = new File(cafile);
if (!cacert.exists() || !cacert.canRead()) return;
InputStream caStream = new FileInputStream(cafile);
X509Certificate ca = (X509Certificate) cf.generateCertificate(caStream);
ks.setCertificateEntry("CA", ca);
PKIXBuilderParameters params = new PKIXBuilderParameters(ks, new X509CertSelector());
File crlcert = new File(crlfile);
if (!crlcert.exists() || !crlcert.canRead()) {
params.setRevocationEnabled(false);
} else {
InputStream crlStream = new FileInputStream(crlfile);
Collection<? extends CRL> crls = cf.generateCRLs(crlStream);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
params.addCertStore(store);
params.setRevocationEnabled(true);
}
tmf.init(new CertPathTrustManagerParameters(params));
} catch (java.io.FileNotFoundException e) {
vlog.error(e.toString());
} catch (java.io.IOException e) {
vlog.error(e.toString());
}
tm = (X509TrustManager) tmf.getTrustManagers()[0];
}
// An X.509 trust manager for a KeyStore.
public static TrustManager trustManager(final KeyStore keyStore)
throws NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException {
final TrustManagerFactory factory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
synchronized (factory) {
factory.init(keyStore);
for (TrustManager tm : factory.getTrustManagers()) {
if (tm instanceof X509TrustManager) {
return tm;
}
}
return null;
}
}
public static void main(PeerFactory peerFactory, KeyStore keyStore, String[] args)
throws Exception {
long time = System.currentTimeMillis();
String relPath;
if ((args != null) && (args.length > 0) && args[0].equals("sh")) {
relPath = pathToStoresSH;
} else {
relPath = pathToStores;
}
PATH = new File(System.getProperty("test.src", "."), relPath);
CipherTest.peerFactory = peerFactory;
System.out.print("Initializing test '" + peerFactory.getName() + "'...");
// secureRandom = new SecureRandom();
// secureRandom.nextInt();
// trustStore = readKeyStore(trustStoreFile);
CipherTest.keyStore = keyStore;
// keyStore = readKeyStore(keyStoreFile);
KeyManagerFactory keyFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyFactory.init(keyStore, "test12".toCharArray());
keyManager = (X509ExtendedKeyManager) keyFactory.getKeyManagers()[0];
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
trustManager = (X509TrustManager) tmf.getTrustManagers()[0];
// trustManager = new AlwaysTrustManager();
SSLContext context = SSLContext.getInstance("TLS");
context.init(new KeyManager[] {keyManager}, new TrustManager[] {trustManager}, null);
SSLContext.setDefault(context);
CipherTest cipherTest = new CipherTest(peerFactory);
Thread serverThread = new Thread(peerFactory.newServer(cipherTest), "Server");
serverThread.setDaemon(true);
serverThread.start();
System.out.println("Done");
cipherTest.run();
time = System.currentTimeMillis() - time;
System.out.println("Done. (" + time + " ms)");
}